<!--
Copyright 2024 Specter Ops, Inc.

Licensed under the Apache License, Version 2.0
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

SPDX-License-Identifier: Apache-2.0
-->
<svg xmlns="http://www.w3.org/2000/svg" width="1915" height="514" viewBox="0 0 1915 514"><defs><style type="text/css"/></defs><g transform="translate(-21 63.599999999999994) scale(1)"><g class="relationship"><g transform="translate(1434.5135272197335 335.88693405944036) rotate(-20.294793241263665)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 392.4197853732252 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(417.28193599097347 0) rotate(0)" stroke="none"/></g><g transform="translate(1646.2114532665983 257.59936311705917) rotate(-20.294793241263665) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-45.01171875 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="90.0234375" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">RootCAFor</text></g></g></g></g><g class="relationship"><g transform="translate(1119.4632817169047 170.6883448055827) rotate(27.67055398791964)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 271.8726257014323 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(296.73477631918064 0) rotate(0)" stroke="none"/></g><g transform="translate(1265.9790413454655 247.51481023323217) rotate(27.67055398791964) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-62.81640625 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="125.6328125" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">IssuedSignedBy</text></g></g></g></g><g class="relationship"><g transform="translate(1434.5135272197335 50) rotate(15.118589716297125)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 378.8684245896354 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(403.7305752073837 0) rotate(0)" stroke="none"/></g><g transform="translate(1645.8700014578103 107.10192738254565) rotate(15.118589716297125) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-62.6484375 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="125.296875" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">NTAuthStoreFor</text></g></g></g></g><g class="relationship"><g transform="translate(1119.4632817169047 170.6883448055827) rotate(-20.96066208319657)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 253.5135061260422 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(278.3756567437905 0) rotate(0)" stroke="none"/></g><g transform="translate(1265.3799399877323 114.79110232554186) rotate(-20.96066208319657) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-70.3515625 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="140.703125" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">TrustedForNTAuth</text></g></g></g></g><g class="relationship"><g transform="translate(688.2215061752007 335.88693405944036) rotate(-20.960662083196564)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 377.9387186579886 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(402.8008692757369 0) rotate(0)" stroke="none"/></g><g transform="translate(892.2339294654658 257.734569355262) rotate(-20.960662083196564) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-48.5859375 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="97.171875" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">PublishedTo</text></g></g></g></g><g class="relationship"><g transform="translate(688.221506175201 50) rotate(15.634933797979032)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 363.94935609492256 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(388.81150671267085 0) rotate(0)" stroke="none"/></g><g transform="translate(891.8712880058672 106.99391033785474) rotate(15.634933797979032) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-48.5859375 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="97.171875" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">PublishedTo</text></g></g></g></g><g class="relationship"><g transform="translate(688.221506175201 50) rotate(90.00000000000006)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 202.02478344169205 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(226.88693405944036 0) rotate(0)" stroke="none"/></g><g transform="translate(688.2215061752008 180.51239172084604) rotate(270.00000000000006) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-67.25390625 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="134.5078125" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">EnrollOnBehalfOf</text></g></g></g></g><g class="relationship"><g transform="translate(357.69846441252275 170.6883448055827) rotate(0)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 677.9026666866337 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(702.764817304382 0) rotate(0)" stroke="none"/></g><g transform="translate(726.1497977558396 170.6883448055827) rotate(0) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-25.453125 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="50.90625" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">Enroll</text></g></g></g></g><g class="relationship"><g transform="translate(75 50) rotate(23.118385197772763)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 223.5205072423034 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(248.38265786005172 0) rotate(0)" stroke="none"/></g><g transform="translate(204.9164274889076 105.46333132468266) rotate(23.118385197772763) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-42.78515625 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="85.5703125" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">MemberOf</text></g></g></g></g><g class="relationship"><g transform="translate(357.69846441252275 170.6883448055827) rotate(26.556323213695062)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 285.64570454573493 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(310.50785516348327 0) rotate(0)" stroke="none"/></g><g transform="translate(511.8404467886461 247.72998734139185) rotate(26.556323213695062) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-70.37109375 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="140.7421875" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">AllExtendedRights</text></g></g></g></g><g class="relationship"><g transform="translate(357.69846441252275 170.6883448055827) rotate(-20.059337850221134)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 268.0059464128923 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(292.8680970306406 0) rotate(0)" stroke="none"/></g><g transform="translate(511.28300503295395 114.60794600387155) rotate(-20.059337850221134) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-25.453125 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="50.90625" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">Enroll</text></g></g></g></g><g class="node"><g fill="#68ccca" stroke="#000000" stroke-width="4"><circle cx="1881.2280990212867" cy="170.6883448055827" r="52"/></g><g transform="translate(1881.2280990212867 170.6883448055827)"><g transform="scale(0.49218800781249994) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">Domain</text></g></g></g></g></g><g class="node"><g fill="#653294" stroke="#000000" stroke-width="4"><circle cx="1434.5135272197335" cy="50" r="52"/></g><g transform="translate(1434.5135272197335 50)"><g transform="scale(0.30859444140625003) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#ffffff" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">NTAuthStore</text></g></g></g></g></g><g class="node"><g fill="#653294" stroke="#000000" stroke-width="4"><circle cx="1434.5135272197335" cy="335.88693405944036" r="52"/></g><g transform="translate(1434.5135272197335 335.88693405944036)"><g transform="scale(0.484375515625) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#ffffff" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">RootCA</text></g></g></g></g></g><g class="node"><g fill="#194d33" stroke="#000000" stroke-width="4"><circle cx="1119.4632817169047" cy="170.6883448055827" r="52"/></g><g transform="translate(1119.4632817169047 170.6883448055827)"><g transform="scale(0.27148510351562494) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#ffffff" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">EnterpriseCA1</text></g></g></g><g transform="translate(3.429011037612589e-15 -75.2)"><g transform="translate(0 0)"><g transform="translate(-162.73828125 0)" fill="white"><rect x="0" y="0" width="325.4765625" height="19.2" rx="0" ry="0" stroke="none"/><g font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000" text-anchor="end"><text xml:space="preserve" x="277.4609375" y="14.1" stroke="none">EnrollmentAgentRestrictionsCollected:</text><text xml:space="preserve" x="281.90625" y="14.1" stroke="none" text-anchor="start">False</text></g></g></g></g></g></g><g class="node"><g fill="#fda1ff" stroke="#000000" stroke-width="4"><circle cx="688.2215061752007" cy="335.88693405944036" r="52"/></g><g transform="translate(688.2215061752007 335.88693405944036)"><g transform="scale(0.27148510351562494) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">CertTemplate2</text></g></g></g><g transform="translate(3.429011037612589e-15 56)"><g transform="translate(0 0)"><g transform="translate(-123.6171875 0)" fill="white"><rect x="0" y="0" width="247.234375" height="57.599999999999994" rx="0" ry="0" stroke="none"/><g font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000" text-anchor="end"><text xml:space="preserve" x="199.21875" y="14.1" stroke="none">AuthenticationEnabled:</text><text xml:space="preserve" x="203.6640625" y="14.1" stroke="none" text-anchor="start">True</text><text xml:space="preserve" x="199.21875" y="33.3" stroke="none" text-anchor="end">RequiresManagerApproval:</text><text xml:space="preserve" x="203.6640625" y="33.3" stroke="none" text-anchor="start">False</text><text xml:space="preserve" x="199.21875" y="52.5" stroke="none" text-anchor="end">SubjectAltRequireUPN:</text><text xml:space="preserve" x="203.6640625" y="52.5" stroke="none" text-anchor="start">True</text></g></g></g></g></g></g><g class="node"><g fill="#fda1ff" stroke="#000000" stroke-width="4"><circle cx="688.221506175201" cy="50" r="52"/></g><g transform="translate(688.221506175201 50)"><g transform="scale(0.27148510351562494) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">CertTemplate1</text></g></g></g><g transform="translate(3.429011037612589e-15 -113.6)"><g transform="translate(0 0)"><g transform="translate(-123.6171875 0)" fill="white"><rect x="0" y="0" width="247.234375" height="57.599999999999994" rx="0" ry="0" stroke="none"/><g font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000" text-anchor="end"><text xml:space="preserve" x="199.21875" y="14.1" stroke="none">RequiresManagerApproval:</text><text xml:space="preserve" x="203.6640625" y="14.1" stroke="none" text-anchor="start">False</text><text xml:space="preserve" x="199.21875" y="33.3" stroke="none" text-anchor="end">AuthorizedSignatures:</text><text xml:space="preserve" x="203.6640625" y="33.3" stroke="none" text-anchor="start">0</text><text xml:space="preserve" x="199.21875" y="52.5" stroke="none" text-anchor="end">SchemaVersion:</text><text xml:space="preserve" x="203.6640625" y="52.5" stroke="none" text-anchor="start">2</text></g></g></g></g></g></g><g class="node"><g fill="#ffffff" stroke="#d33115" stroke-width="4"><circle cx="357.69846441252275" cy="170.6883448055827" r="52"/></g><g transform="translate(357.69846441252275 170.6883448055827)"><g transform="scale(0.5039067460937499) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">Group1</text></g></g></g></g></g><g class="node"><g fill="#ffffff" stroke="#009ce0" stroke-width="4"><circle cx="75" cy="50" r="52"/></g><g transform="translate(75 50)"><g transform="scale(0.6132816367187499) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="13" stroke="none">User2</text></g></g></g></g></g></g></svg>
